How to configure SAML SSO - Azure AD

Integrate vRx Authentication With Azure AD SAML2.

SAML integration creates an vRx App in your Azure App directory, allowing the users to authenticate via Azure AD process, and from there, login into vRx dashboard utilizing SSO.

Please note that the SAML provider wizards are subject to change without notice.

To configure Azure AD SSO, follow these steps:

  • At your left navigation panel, navigate to Settings → Integrations:

  • At the integration tab, select Explore Integrations → SSO → Create Integration:
  • In the newly created SAML2 integration, edit the integration name and copy the following values, as we will use them later on in Azure configurations:
    • Entity ID URL
    • Login URL
    • Logout URL

  • In Azure Management Page, navigate to Enterprise Application and select New Application:
  • Choose create your own app and configure the app name. Select the Non-Gallery app option:
  • Select Set up single sign-on:
  • Select the SAML option:
  • Under Basic SAML Configuration, Select edit and configured the values recorded from vRx app creation:
    • Copy from vRx the "Entity ID URL"→ to Azure AD "Identifier" 
    • Copy the vRx "Single Sign-On URL"  → to Azure AD "Reply URL"
  • Paste the values in Azure AD configuration window:
  • Under SAML Signing Certificate section, Select edit:
  • Set the Signing Option to Sign SAML response:
  • Download the Certificate (Base64):
  • Paste the certificate content in the X509 Certificate Field at the vRx plugin window:
  • From Azure Set Up <App Name>,  copy the following values into the vRx Integration window:
    • Copy the Login URL to vRx Single Sign-On URL field.
    • Copy the Azure AD Identifier → to vRx Entity Identity URL field.
    • Copy the Logout URL to vRx Single Log Out URL field.

  • At the bottom right, Save the configuration by clicking Setup Integration:

Note - To enable successful SSO logins, Users must be configured on both Azure and vRx platforms, using the same user email address as the user identifier. 

Assign the vRx App to Azure AD users

In order to assign the vRx app to Azure users, follow these steps:

  • In Azure AD created app, Navigate to Users and groups:
  • Select Add user/group:
  • Select Test this application:

Your Azure AD SSO is now configured and users can either login via Azure App or by navigating directly to the "Login URL" field in the vRx app.

Note that the usual dashboard URL will continue to operate for non-SSO users.